[CIVN-2025-0263] Secure Boot Bypass Vulnerability in CISCO
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Component Affected
1000 Series Integrated Services Routers 17.8.1
1100 Terminal Services Gateways 17.7.1
4000 Series Integrated Services Routers 17.3.1
8100 Series Secure Routers 17.15.1
8400 Series Secure Routers 17.12.1
ASR 1000 Series Aggregation Services Routers 17.7.1
C8375-E-G2 Platforms 17.15.3
Catalyst 8200 Series Edge Platforms 17.8.1
Catalyst 8300 Series Edge Platforms 17.8.1
Catalyst 8500L Edge Platforms 17.8.1
Catalyst 9200 Series Switches 17.8.1
Catalyst ESS9300 Embedded Series Switch 17.13.1
Catalyst IE3100 Heavy Duty Series Switches 17.17.1
Catalyst IE3100 Rugged Series Switches 17.12.1
Catalyst IR1100 Rugged Series Routers 17.13.1
Catalyst IR8100 Heavy Duty Series Routers 17.4.1
Catalyst IR8300 Rugged Series Routers 17.7.1
Catalyst IE9300 Rugged Series Switches 17.13.1
IE3500 Heavy Duty Series Switches 17.17.1
IE3500 Rugged Series Switches 17.17.1
VG410 Analog Voice Gateways 17.17.1
Overview
Multiple vulnerabilities have been reported in Cisco IOS XE Software which could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust.
Target Audience:
All IT administrators and individuals responsible for maintaining and updating Cisco IOS XE Software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
These vulnerabilities exist due to improper validation of software packages. An attacker could exploit these vulnerabilities by placing a crafted file into a specific location on an affected device.
Successful exploitation of these vulnerabilities could allow the attacker to execute persistent code on the underlying operating system.
Solution
Apply appropriate updates as mentioned in the Cisco advisory:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC
CVE Name
CVE-2025-20313
CVE-2025-20314
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003